| Server IP : 14.241.111.210 / Your IP : 3.14.144.35 Web Server : Apache System : Linux localhost.localdomain 3.10.0-1160.66.1.el7.x86_64 #1 SMP Wed May 18 16:02:34 UTC 2022 x86_64 User : www ( 1001) PHP Version : 7.4.33 Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /www/wwwroot/checkemail.webthanhha.com/ |
Upload File : |
<?php
date_default_timezone_set('Asia/Ho_Chi_Minh');
include('include/header.php');
include('include/config_db.php');
include('include/function.php');
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}else{
//echo 'Ket noi thanh cong.';echo '<br>';
}
?>
<h2 style="text-align: center">PASSWORD RECOVERY</h2>
<p style="text-align: center;">Please enter your new password here.</p>
<?php
$user_name = "";
if(isset($_GET['username']) && $_GET['username'] && isset($_GET['remember_token']) && $_GET['remember_token'] ){
$user_name = trim($_GET['username']);
$result = $conn->query("SELECT id FROM users WHERE username='".$_GET['username']."' AND remember_token='".trim($_GET['remember_token'])."'");
if($result->num_rows <= 0){
echo "<p style='text-align: center;'>Invalid path. Please check again!</p>";
echo "<p style='text-align: center;'><a href='javascript: history.go(-1)'>BACK</a></p>";
exit;
}else{
?>
<div class="container main py-3">
<div class="row">
<div class="col-md-4"></div>
<div class="col-md-4" style="margin: 0 auto;">
<form action="" method="POST" accept-charset="UTF-8" enctype="multipart/form-data">
<label>New Password (*):</label>
<input type="password" class="form-control" name="password" id="password" required /></p>
<label>Re-enter New Password (*):</label>
<input type="password" class="form-control" name="re_password" id="re_password" required /></p>
<input type="hidden" class="form-control" name="username" value="<?=$user_name ?>">
<input type="submit" name="recovery" class="btn btn-success" value="SUBMIT" />
</form>
</div>
<div class="col-md-4"></div>
</div>
</div>
<?php
if(isset($_POST['recovery']) && $_POST['recovery']){
if($_POST['password'] != $_POST['re_password']){
echo "<p style='text-align: center;'>Password does not match in two entries. Please check again!</p>";
echo "<p style='text-align: center;'><a href='javascript: history.go(-1)'>BACK</a></p>";
exit;
}
$user_name = $_POST['username'];
$pass_word = md5(trim($_POST['password']));
$remember_token = rand_string(50);
$sql_update = "UPDATE users SET password ='$pass_word', remember_token ='$remember_token', updated_at='".date('Y-m-d H:i:s')."' WHERE username = '$user_name'";
if ($conn->query($sql_update) === TRUE) {
echo "<p style='text-align: center;'>Password recovery successful!</p>";
echo "<p style='text-align: center;'>Automatically return to login page after 3 seconds</p>";
header("Refresh: 3; URL=".$site);
exit;
}else{
echo "An error occurred. Please try again.".$conn->error;;
}
}
}
$conn->close();
}
include('include/footer.php');
?>